Top

Published in:

2016 | OriginalPaper | Chapter

Providing Ontology-Based Privacy-Aware Data Access Through Web Services and Service Composition

Authors : Sven Hartmann, Hui Ma, Panrawee Vechsamutvaree

Published in: Transactions on Large-Scale Data- and Knowledge-Centered Systems XXX

Publisher: Springer Berlin Heidelberg

Activate our intelligent search to find suitable subject content or patents.

search-config

AI-assisted search

Off

Abstract

Web services have emerged as an open standard-based means for publishing and sharing data through the Internet. Whenever web services disclose sensitive data to service consumers, data privacy becomes a fundamental concern for service providers. In many applications, sensitive data may only be disclosed to particular users for specific purposes. That is, access to sensitive data is often restricted, and web services must be aware of these restrictions such that the required privacy of sensitive data can be guaranteed. Privacy preservation is a major challenge that has attracted much attention by researchers and practitioners. Hippocratic databases have recently emerged to protect privacy in relational database systems where the access decisions, allowed or denied, are based on privacy policies and authorization tables. In particular, the specific purpose of a data access has been considered. Ontologies has been used to represent classification hierarchies, which can be efficiently accessed via ontology query languages. In this paper, we propose an ontology-based data access model so that different levels of data access can be provided to web service users with different roles for different purposes. For this, we utilize ontologies to represent purpose hierarchies and data generalization hierarchies. For more complex service requests that require composite web services we discuss the privacy-aware composition of web services. To demonstrate the usefulness of our access control model we have implemented prototypes of financial web services, and used them to evaluate the performance of the proposed approach.

Dont have a licence yet? Then find out more about our products and how to get one now:

Springer Professional "Wirtschaft+Technik"

Online-Abonnement

Mit Springer Professional "Wirtschaft+Technik" erhalten Sie Zugriff auf:

über 102.000 Bücher
über 537 Zeitschriften

aus folgenden Fachgebieten:

Automobil + Motoren
Bauwesen + Immobilien
Business IT + Informatik
Elektrotechnik + Elektronik
Energie + Nachhaltigkeit
Finance + Banking
Management + Führung
Marketing + Vertrieb
Maschinenbau + Werkstoffe
Versicherung + Risiko

Jetzt Wissensvorsprung sichern!

inform now

Springer Professional "Technik"

Online-Abonnement

Mit Springer Professional "Technik" erhalten Sie Zugriff auf:

über 67.000 Bücher
über 390 Zeitschriften

aus folgenden Fachgebieten:

Automobil + Motoren
Bauwesen + Immobilien
Business IT + Informatik
Elektrotechnik + Elektronik
Energie + Nachhaltigkeit
Maschinenbau + Werkstoffe

Jetzt Wissensvorsprung sichern!

inform now

Springer Professional "Wirtschaft"

Online-Abonnement

Mit Springer Professional "Wirtschaft" erhalten Sie Zugriff auf:

über 67.000 Bücher
über 340 Zeitschriften

aus folgenden Fachgebieten:

Bauwesen + Immobilien
Business IT + Informatik
Finance + Banking
Management + Führung
Marketing + Vertrieb
Versicherung + Risiko

Jetzt Wissensvorsprung sichern!

inform now

previous chapter Comprehending a Service by Informative Models

Ghani, N.A., Sidek, Z.M.: Privacy-preserving in web services using hippocratic database. In: International Symposium on Information Technology, vol. 1, pp. 1–5 (2008)

Bertino, E., Byun, J.-W., Li, N.: Privacy-preserving database systems. In: Aldini, A., Gorrieri, R., Martinelli, F. (eds.) FOSAD 2004-2005. LNCS, vol. 3655, pp. 178–206. Springer, Heidelberg (2005). doi:10.1007/11554578_6 CrossRef

Agrawal, R., Kiernan, J., Srikant, R., Xu, Y.: Hippocratic databases. In: 28th International Conference on Very Large Data Bases (VLDB), pp. 143–154 (2002)

LeFevre, K., Agrawal, R., Ercegovac, V., Ramakrishnan, R., Xu, Y., DeWitt, D.: Limiting disclosure in hippocratic databases. In: 30th International Conference on Very Large Data Bases (VLDB), pp. 108–119 (2004)

Agrawal, R., Kini, A., LeFevre, K., Wang, A., Xu, Y., Zhou, D.: Managing healthcare data hippocratically. In: ACM SIGMOD International Conference on Management of Data, pp. 947–948 (2004)

Massacci, F., Mylopoulos, J., Zannone, N.: Hierarchical hippocratic databases with minimal disclosure for virtual organizations. VLDB J. 15, 370–387 (2006)CrossRef

Laura-Silva, Y., Aref, W.: Realizing privacy-preserving features in hippocratic databases. In: IEEE 23rd International Conference on Data Engineering Workshop, pp. 198–206 (2007)

Li, M., Sun, X., Wang, H., Zhang, Y., Zhang, J.: Privacy-aware access control with trust management in web service. World Wide Web 14, 407–430 (2011)CrossRef

Xiao, X., Tao, Y.: Personalized privacy preservation. In: ACM SIGMOD International Conference on Management of Data, pp. 229–240 (2006)

10.

Samarati, P., Sweeney, L.: Generalizing data to provide anonymity when disclosing information. In: ACM SIGACT SIGMOD SIGART Symposium on Principles of Database Systems, vol. 17, p. 188 (1998)

11.

Sweeney, L.: Achieving k-anonymity privacy protection using generalization and suppression. Int. J. Uncertainty Fuzziness Knowl. Based Syst. 10(05), 571–588 (2002)MathSciNetCrossRefMATH

12.

Miller, J., Campan, A., Truta, T.M.: Constrained k-anonymity: privacy with generalization boundaries. In: Practical Privacy-Preserving Data Mining, p. 30 (2008)

13.

Kisilevich, S., Rokach, L., Elovici, Y., Shapira, B.: Efficient multidimensional suppression for k-anonymity. IEEE Trans. Knowl. Data Eng. 22, 334–347 (2010)CrossRef

14.

Omran, E., Bokma, A., Abu-Almaati, S.: A k-anonymity based semantic model for protecting personal information and privacy. In: IEEE International Advance Computing Conference, pp. 1443–1447 (2009)

15.

Martínez, S., Sánchez, D., Valls, A., Batet, M.: The role of ontologies in the anonymization of textual variables. In: 13th International Conference of the Catalan Association for Artificial Intelligence, vol. 220, p. 153 (2010)

16.

Domingo-Ferrer, J., Torra, V.: Disclosure control methods and information loss for microdata. In: Confidentiality, Disclosure, and Data Access: Theory and Practical Applications for Statistical Agencies, pp. 93–112 (2001)

17.

Iqbal, Z., Noll, J., Alam, S., Chowdhury, M.M.: Toward user-centric privacy-aware user profile ontology for future services. In: 3rd International Conference on Communication Theory, Reliability, and Quality of Service, pp. 249–254 (2010)

18.

Finin, T., Joshi, A., Kagal, L., Niu, J., Sandhu, R., Winsborough, W., Thuraisingham, B.: ROWLBAC: representing role based access control in owl. In: 13th ACM Symposium on Access Control Models and Technologies, pp. 73–82 (2008)

19.

Cirio, L., Cruz, I.F., Tamassia, R.: A role and attribute based access control system using semantic web technologies. In: On the Move to Meaningful Internet Systems Workshops, pp. 1256–1266 (2007)

20.

Kabir, M.E., Wang, H., Bertino, E.: A role-involved purpose-based access control model. Inf. Syst. Frontiers, 1–14 (2012)

21.

Tumer, A., Dogac, A., Toroslu, I.H.: A semantic based privacy framework for web services. In: Proceedings of ESSW (2003)

22.

Gruber, T., et al.: A translation approach to portable ontology specifications. Knowl. Acquisition 5, 199–220 (1993)CrossRef

23.

Wang, Y., Liu, W., Bell, D.: A concept hierarchy based ontology mapping approach. In: Bi, Y., Williams, M.-A. (eds.) KSEM 2010, pp. 101–113. Springer, Heidelberg (2010)CrossRef

24.

Ma, H., Schewe, K.D., Wang, Q.: An abastract model for service provision, search and composition. In: Proceedings of 2009 IEEE Asia-Pacific Services Computing Conference (APSCC), pp. 95–102. IEEE (2009)

25.

Li, M., Wang, H., Plank, A.: Privacy-aware access control with generalization boundaries. In: 32nd Australasian Conference on Computer Science, pp. 105–112 (2009)

26.

Talouki, M., NematBakhsh, M.a., Baraani, A.: K-anonymity privacy protection using ontology. In: 14th International CSI Computer Conference, pp. 682–685 (2009)

27.

Iyengar, V.S.: Transforming data to satisfy privacy constraints. In: 8th ACM SIGKDD International Conference on Knowledge Discovery and Data Mining, pp. 279–288 (2002)

28.

Baader, F., et al. (eds.): The Description Logic Handbook: Theory, Implementation and Applications. Cambridge University Press, New York (2003)MATH

29.

da Silva, A., Ma, H., Zhang, M.: GraphEvol: a graph evolution technique for web service composition. In: Chen, Q., Hameurlain, A., Toumani, F., Wagner, R., Decker, H. (eds.) DEXA 2015. LNCS, vol. 9262, pp. 134–142. Springer, Heidelberg (2015)CrossRef

30.

da Silva, A.S., Ma, H., Zhang, M.: A graph-based particle swarm optimisation approach to QOS-aware web service composition and selection. In: 2014 IEEE Congress on Evolutionary Computation (CEC), pp. 3127–3134. IEEE (2014)

Title: Providing Ontology-Based Privacy-Aware Data Access Through Web Services and Service Composition
Authors: Sven Hartmann
Hui Ma
Panrawee Vechsamutvaree
Publisher: Springer Berlin Heidelberg
Book: Transactions on Large-Scale Data- and Knowledge-Centered Systems XXX
Print ISBN: 978-3-662-54053-4

Electronic ISBN: 978-3-662-54054-1

Copyright Year: 2016
DOI: https://doi.org/10.1007/978-3-662-54054-1_5

Springer Professional

Abstract

Please log in to get access to your license.

Dont have a licence yet? Then find out more about our products and how to get one now:

Springer Professional "Wirtschaft+Technik"

Springer Professional "Technik"

Springer Professional "Wirtschaft"

Premium Partner